undefined | Better HN

0 pointsSpivak5y ago0 comments

I mean if they’re worthless tunnels then so is every SSH tunnel. Should we just go back to telnet?

0 comments

On your own network? Does it really matter whether you use telnet or ssh? And if it’s on a shared network, don’t you have an IT department that can set up the local key infrastructure and push out certificates?

The argument here is that we should enable lots of shitty IoT devices to masquerade as being secure, and inure browser users to click ‘yes’ to accepting a broken certificate.

If it’s on a managed network, IT can set up a certificate and push that out to client machines. If it’s on your home network you can do that (unless your IoT device can’t take a user configured client cert, in which case it’s rubbish anyways), and if you can’t then you might as well use HTTP.

imtringued5y ago

Ok we can always use HTTP instead. I personally hate how using HTTPS gets harder and harder every single year.

j / k navigate · click thread line to collapse

0 comments

CountSessine5y ago

The argument here is that we should enable lots of shitty IoT devices to masquerade as being secure, and inure browser users to click ‘yes’ to accepting a broken certificate.

imtringued5y ago

Ok we can always use HTTP instead. I personally hate how using HTTPS gets harder and harder every single year.

j / k navigate · click thread line to collapse